New Kingston DataTraveler 6000 nearly identical to old model

Kingston has announced the DataTraveler 6000, a ruggedised titanium-coated USB stick for high-end security use by businesses and government which comes with a single added benefit not everyone will need – FIPS 140-2 Level 3 compliance.

Kingston has announced the DataTraveler 6000, a ruggedised titanium-coated USB stick for high-end security use by businesses and government which comes with a single added benefit not everyone will need – FIPS 140-2 Level 3 compliance.

The specification sheets sounds identical to the previous model, the DataTraveler 5000, launched in early 2010, and in almost every single respect it is.

Features shared by the 6000 and 5000 include a tamper-resistant and waterproof case, enforced password complexity, automatic destruction after 10 failed password attempts, and digitally signed firmware updates.

It also makes a virtue of being a hardware product that comes with 256-bit AES-XTS encryption (from US partner Spyrus), an upgrade from block cipher modes such as CBC and ECB common on many rival products, and uses ‘military-grade’ elliptic curve cryptography as recommended by the NSA’s Suite B algorithms.

Now get out a magnifying glass. The 6000’s only difference in terms of security is that it has FIPS 140-2 Level 3 accreditation, something that is critical for government use in North America. What this means in terms of physical differences is not explained by the official spec for either of the two models but will relate to how easy it is to break through its shell without rendering the device useless. For Level 3 this tamper-proofing is a must.

Kingston’s response to our request for clarification was not hugely enlightening:

Related

“The DT6000 tamper-proof (Level 3 certificate for physical security) in comparison to the DT5000 which is just tamper-evident (Level 2 certificate for physical security),” the company said via email.

The 6000 now also has Mac OS X support as standard.

Given that the 5000 model will continue to be sold in parallel, the real point of adding Level 3 over Level 2 is that a few customers require it. For some, Level 2 just isn’t secure enough although that comes at a cost.

The new drives aren’t available in USB 3.0, an odd omission but beyond the security-at-all-cost brief of the designers perhaps. Capacities are also a bit limited, ranging from 2GB to 16GB.